Chiebot-Mirror
/
FFmpeg
mirror of https://github.com/FFmpeg/FFmpeg.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

avcodec/av1dec: partially clean state on frame decoding errors

Browse Source 
Fixes: member access within null pointer of type 'TileGroupInfo' (aka 'struct TileGroupInfo')
Fixes: 25725/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AV1_fuzzer-5166692706287616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: James Almer <jamrial@gmail.com>
pull/355/head
James Almer 4 years ago
parent 069d2b4a50
commit 05872c67a4
1 changed files with 5 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      libavcodec/av1dec.c

5
libavcodec/av1dec.c
Unescape View File

@ -686,6 +686,7 @@ static int av1_decode_frame(AVCodecContext *avctx, void *frame,
ret = set_context_with_sequence(avctx, s->raw_seq);
if (ret < 0) {
av_log(avctx, AV_LOG_ERROR, "Failed to set context.\n");
s->raw_seq = NULL;
goto end;
}
@ -694,6 +695,7 @@ static int av1_decode_frame(AVCodecContext *avctx, void *frame,
if (ret < 0) {
av_log(avctx, AV_LOG_ERROR,
"Failed to get pixel format.\n");
s->raw_seq = NULL;
goto end;
}
}
@ -703,6 +705,7 @@ static int av1_decode_frame(AVCodecContext *avctx, void *frame,
unit->data_size);
if (ret < 0) {
av_log(avctx, AV_LOG_ERROR, "HW accel decode params fail.\n");
s->raw_seq = NULL;
goto end;
}
}
@ -841,6 +844,8 @@ static int av1_decode_frame(AVCodecContext *avctx, void *frame,
end:
ff_cbs_fragment_reset(&s->current_obu);
if (ret < 0)
s->raw_frame_header = NULL;
return ret;
}

Write Preview
Loading…
Cancel
Save